This is a staging forum for AgileBits, not an official support forum. Visit http://discussions.agilebits.com instead.

1Password (iOS/OS X) Non-Browser Login: 1Hour Harang

<div class="IPBDescription">Huh?</div>First post and a couple of questions I was unable to find any answers to. My motto is: there are no stupid questions, only stupid answers (that'll give you a general idea of the upcoming contents, and my complete lack of insight in this regard).



So, when generating a password for, let's say, your Facebook login, logging in via your browser and 1Password on your computer won't be a problem. However, will 1Password for iPhone log in in the same manner as when logging in via the computer, when using the Facebook iOS app? And likewise, and perhaps more importantly, will it do the same when trying to log into the iPhone App Store (and/or your Apple or MobileMe account)? This is not very clear to me at this particular moment. The iOS App Store, for instance, uses a pop-up window to ask for login details. I assume 1Password doesn't have access/rights (or even remote possibility) of inputting any values in these fields. In point of fact, I guess this is what the iOS (and subsequently all) versions of 1Password should do, right? Or does it only work with browser logins? If so, generating a password for your MobileMe account using 1Password, would be futile beyond browser interaction, as one uses not only the browser to log in to this service, but rather a number of other applications as well. Obviously, this would be true of any other applications on other platforms too (i.e. App Store for OS X etc.).



This leaves me thinking: if it is the case that I cannot use 1Password to generate truly secure passwords for my most vital and crucial base services, this will leave me having to memorize less secure passwords for the most vital services, thus, rendering these, the most crucial services, more vulnerable because of that. Unless, of course, the point is to actively use copy/paste from the 1Password database of login credentials when logging via non-browser applications.



In any event, I hope someone can give this "gnoobie" a few pointers, and possible solutions.



Gnoober

Comments

  • [Deleted User]
    edited April 2011
    Hi Gnoober,



    First of all, welcome to the forums, it's great to have you with us.



    Our iOS versions of 1Password can't be integrated with either Mobile Safari, as it has no extensions support unlike it's desktop big brother, or other iOS applications such as Facebook or the App Store itself.



    The reason for the latter really comes down to the way iOS works, or rather how iOS applications work. Each app is effectively it's own 'sandbox' and so there's no communication with other apps, except where Apple provide APIs for accessing your calendar and contacts data. This means that 1Password can't fill password prompts for other apps or the App Store.



    For these types of prompts, you can certainly still generate secure passwords, and in fact I do this myself, but you'd need to copy and paste the details to the app in question. With apps like Facebook this isn't so much of an issue because they tend to store your credentials securely in the iOS keychain, but for things like your App Store password which for obvious reasons is required for every purchase, you will need to copy and paste it from 1Password, or use a less secure password.



    A compromise I tend to like is to use the pronounceable password generator in 1Password on the desktop to generate a password such as 'rys-act-yig-chue' which is still very secure, but is much easier to remember than something like 'JjF2pGHrZYfPWnQebo4NxkLCR' (these are generated just for this post by the way, I'm not that crazy to give out my actual passwords).



    I don't know if Apple will ever change this on iOS, keeping control over how apps can communicate with each other and the core of iOS itself has some security advantages and as such can bring a lot of confidence about the security of iOS.



    Hope that helps to clear things up for you,
  • Thank you for clearing that up, Stu <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/smile.gif' class='bbc_emoticon' alt=':)' />
  • [quote name='Gnoober' timestamp='1302068784' post='24041']

    Thank you for clearing that up, Stu <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/smile.gif' class='bbc_emoticon' alt=':)' />

    [/quote]



    You're very welcome, Gnoober!
  • Dave Creek
    Dave Creek Member
    edited April 2011
    Thanks, Gnoober, for asking the question about the problem that's been bothering me a LOT. Thanks, Stu, for the answer...even though I hate it! I have terribly poor typing skills so long passwords are a chore for me.



    Maybe there's a way to have an easily accessible password-protected text document that has my most commonly used passwords for sites like Apple Apps. I'd open that doc when I start using my iPad and It would close when my iPad locks. I clearly haven't thought this though thoroughly. Comments/suggestions?
  • Dave Creek
    Dave Creek Member
    [quote name='Dave Creek' timestamp='1302363681' post='24391']

    Thanks, Gnoober, for asking the question about the problem that's been bothering me a LOT. Thanks, Stu, for the answer...even though I hate it! I have terribly poor typing skills so long passwords are a chore for me.



    Maybe there's a way to have an easily accessible password-protected text document that has my most commonly used passwords for sites like Apple Apps. I'd open that doc when I start using my iPad and It would close when my iPad locks. I clearly haven't thought this though thoroughly. Comments/suggestions?

    [/quote]



    Hmmmm... I guess I could use a 1Password secure note.
  • Dave Creek
    Dave Creek Member
    Nope, SecureNote doesn't work except for ONE password because "Copy" copies ALL of the note.
  • khad
    khad Social Choreographer
    edited April 2011
    Using 1Password on iOS devices, I would suggest creating an "Accounts" item such as "Generic Account" to save the credentials (if you do not already have them saved as a website "Login" item). Often the password I need for an app is the same as the one I use for the company's website (e.g. Dropbox, Facebook, Twitter, etc.). A single tap-and-[b]copy[/b] on the password field will allow you to switch back to the appropriate application and [b]paste[/b] the password in.



    I am constantly [b]copying[/b] my iTunes password from the Accounts vault in 1Password in order to [b]paste[/b] it to purchase an app. It would be nice if it were even simpler, but it has just enough friction for me to dissuade me from purchasing [i]too[/i] much. <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/laugh.gif' class='bbc_emoticon' alt=':lol:' />
  • Dave Creek
    Dave Creek Member
    [quote name='khad' timestamp='1302426850' post='24486']

    Using 1Password on iOS devices, I would suggest creating an "Accounts" item such as "Generic Account" to save the credentials (if you do not already have them saved as a website "Login" item). Often the password I need for an app is the same as the one I use for the company's website (e.g. Dropbox, Facebook, Twitter, etc.). A single tap-and-[b]copy[/b] on the password field will allow you to switch back to the appropriate application and [b]paste[/b] the password in.



    I am constantly [b]copying[/b] my iTunes password from the Accounts vault in 1Password in order to [b]paste[/b] it to purchase an app. It would be nice if it were even simpler, but it has just enough friction for me to dissuade me from purchasing [i]too[/i] much. <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/laugh.gif' class='bbc_emoticon' alt=':lol:' />

    [/quote]





    Thanks, Khad.



    Dave
  • khad
    khad Social Choreographer
    Cheers! <img src='http://forum.agile.ws/public/style_emoticons/<#EMO_DIR#>/skype_bigsmile.png' class='bbc_emoticon' alt=':-D' />